How to Store Your Bitcoin Safely: From Pocket Balance to Insane Stack Value
In short: the more Bitcoin you hold, the stronger the security you need. Better security usually means more effort, inconvenience, and sometimes more cost — but it’s worth it. This guide is only about safely storing Bitcoin.
The Golden Rules! (We Could Have Said the Bitcoin Rules...)
- OPEN SOURCE (this is the way!) (You might not be able to check the code yourself, but some paranoid devs will do it! Same as the grammar psychos who correct everyone on social media.)
- Non-custodial.
- Secure element to protect your seeds (level 2).
- Bitcoin only! (fewer points of failure).
- Air-gapped (level 3).
- Multi-sigs (level 3).
- Connected to a trusted node! (Privacy is no joke!)
Following this, we definitely avoid Ledger (no open source), Trezor before Safe 5/7 (no secure element—acceptable for level 1), and do we have to mention no exchanges EVER!
Level 1 (Hot Wallet, Seeds Stored Encrypted on App, Online)
The daily (pocket money) stack: currently < 0.01 BTC.
Bitcoin only: Blue Wallet, Nunchuk, or Green Wallet.
Lightning only: Blue Wallet, Phoenix, Breez, Muun.
On level one, you might want Bitcoin and Lightning. There’s one no-brainer: Blue Wallet!
(Important: Write down your seeds on paper offline and store them securely. Connect the wallet to a trusted node (preferably over Tor) before the first use, use a complex password for encryption, and don’t use biometrics!)
Using a hot desktop wallet doesn’t really make sense at this level unless for practical use (merchants, BTCPayServer, Blink…).
Level 2 (Cold Wallet, Seeds Stored on Hardware Devices, Offline)
The savings account stack: currently between 0.01 BTC and 0.5 BTC.
Foundation Passport, Coldcard Q, BitBox02 (Bitcoin only), Jade Plus, Trezor (Safe 5/7), SeedSigner.
They are all solid choices with a little advantage here and there, but you can’t go wrong with any. On this level, if you have to pick one: Foundation! If you’re paranoid: SeedSigner!
Always double-check the tampering of the devices. On any install/update, double-check the software signature!
Instead of a device and seeds on paper, some use two devices with the same seed set in them and located in different places to add a layer of security for the raw seeds.
On that level, the use of a passphrase (known as the 25th word) to create a decoy wallet might be a clever move.
Also remember to never ever mention the amount of your stack to anybody! You don’t want any home invasion or harm to relatives—equip yourself accordingly!
Level 3 (Top <1% Nation-State Level!)
Generational wealth!: currently > 0.5 BTC.
Requirement: NO SINGLE POINTS OF FAILURE!
Air-gapped, multisig, passphrase, pure entropy, extra-jurisdictional geography.
We need Sparrow Wallet to create the multisig air-gapped wallet.
The hardware trio is made following the air-gapped property (BitBox02 or Trezor Safe 5/Safe 7 are also valid picks).
2-of-3 Multisig with 2 metal plate backups #1 #2.
- Foundation Passport Core (#1 Fireproof safe in my apartment, #2 Safe-deposit box at my bank, if possible in another country).
- Blockstream Jade Plus, almost never at home—kept in a small bag that travels with me (#1 stored with a trusted family member (hidden in a wall), #2 with a lawyer in another city/country).
- SeedSigner, device itself is cheap—usually just left in a drawer (stateless, no seed stored), seed generated with camera + dice entropy (#1 in a bank safe-deposit box in a third country, #2 buried with GPS coordinates known only to your heirs).
Additional hardening:
The SeedSigner seed gets an additional BIP-39 passphrase (“25th word”) that is not written down with the 24 words. It lives only in my head and will be passed orally or via dead-man’s switch.
All three seeds backed up on Cryptosteel Capsule Solo or Billfodl (fireproof to 1400 °C, corrosion-proof).
Watch-only wallet + descriptors stored encrypted (age + Shamir’s secret sharing 2-of-3) on three USB sticks in three continents.
A small inheritance amount in a separate 1-of-1 on a decoy Trezor that you would hand over under duress.
That setup has no single point of failure that any realistic attacker (thief, rogue state, house fire, manufacturer backdoor, robbery, divorce, country collapse, or your own death) can exploit.
What you MUST keep (the only things that matter long-term):
- The three 24-word seed phrases (on metal plates only (2 copies each, geographically split)).
- The three master public fingerprints (or xpubs) (usually written next to the seeds on the metal, 8-character hex, e.g., c3b4a72d).
- The derivation paths (usually m/48’/0’/0’/2′ for native SegWit 2-of-3 multisig. Write it once on the same metal plates or in your will).
- The wallet descriptor (optional but nice) (the full line Sparrow shows, e.g., wsh(sortedmulti(2,[c3b4a72d/48’/0’/0’/2′]xpub…/0/,[a1b2c3d4/48’/0’/0’/2′]xpub…/0/,[e5f6g7h8/48’/0’/0’/2′]xpub…/0/*))#checksum. One copy on paper or encrypted USB is enough).
This is what serious holders call “inheritance-grade” custody: You’ve now built something stronger than most banks offer. ₿
